6 matches found
EUVD-2016-10805
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with...
CVE-2016-20025
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with...
CVE-2016-20025
CVE-2016-20025 affects ZKTeco ZKAccess Professional 3.5.3. The issue is an insecure file-permissions vulnerability where the Modify permission granted to the Authenticated Users group lets authenticated users replace executable binaries, enabling privilege escalation. Documented impact includes p...
CVE-2016-20025
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with...
PT-2026-25665
Name of the Vulnerable Software and Affected Versions ZKTeco ZKAccess Professional version 3.5.3 Description The software contains an insecure file permissions issue that allows authenticated users to escalate privileges. Attackers can exploit the Modify permission granted to the Authenticated...
ZKTeco ZKAccess Professional 3.5.3 File Elevation of Privilege Vulnerability
ZKTeco ZKAccess Professional is an access control system. ZKTeco ZKAccess Professional 3.5.3 File Elevation of Privilege Vulnerability, which occurs due to incorrect privileges of an authenticated user with the 'M' flag...